1 SANS Technology Institute - Candidate for Master of Science Degree 1 Assessing Privacy Risks of Flash Cookies Kevin Fuller and Stacy Jordan February.

Slides:



Advertisements
Similar presentations
Final Project Instructor: Nguyen Anh Tu Students: Tran Tien Tai Tran Tien Tai Tran Ngoc Mai Tran Ngoc Mai Tu Kim Tuan Tu Kim Tuan Nguyen Ngoc Phuong Nguyen.
Advertisements

Introduction to HTML, XHTML, and CSS
0 - 0.
The Internet and the Web
Introduction Lesson 1 Microsoft Office 2010 and the Internet
How to protect yourself, your computer, and others on the internet
®® Microsoft Windows 7 for Power Users Tutorial 7 Enhancing Your Computers Security.
The internet. Background Created in 1969, connected computers at UCLA, Stanford Research Institute, U. of Utah, and UC at Santa Barbara With an estimated.
Information Systems Today: Managing in the Digital World
2 1.Client protection principles 2.Principle #6 in practice 3.The client perspective 4.Participant feedback 5.Tools for improving practice 6.Conclusion.
Services Course Windows Live SkyDrive Participant Guide.
XP New Perspectives on Browser and Basics Tutorial 1 1 Browser and Basics Tutorial 1.
® Microsoft Office 2010 Browser and Basics.
Test B, 100 Subtraction Facts
Discovering Computers & Microsoft Office 2010 Discovering Computers Chapter 3.
Services Course Windows Live SkyDrive Participant Guide.
Unit 11 Using the Internet & Browsing the Web.  Define the Internet and the Web  Set up & troubleshoot an Internet connection  Categorize webs sites.
WEB BROWSER SECURITY By Robert Sellers Brian Bauer.
Google Docs is a free, web-based office suite offered by Google within its Google Drive service. It was formerly a storage service as well, but has since.
Google Chrome Parks Brown Google Chrome 1  Chrome is the largest web browser service in the entire world  Used in 45% of the web browser market, with.
Internet Browser History Presented by K. SURESH sureshsrikalahasti.weebly.com
Chapter 11 Privacy Policies and Behavioral Marketing.
6/10/2015Cookies1 What are Cookies? 6/10/2015Cookies2 How did they do that?
Technology for Computer Forensics by Alicia Castro.
What are cookies? Cookies are text files stored on one’s computer after visiting a website Used for: -Storing information such as a unique visitor ID -Allowing.
Tracking, Privacy, You & The 21 st Century When you talk online the internet listens.
The Privacy Tug of War: Advertisers vs. Consumers Presented by Group F.
Lesson 46: Using Information From the Web copy and paste information from a Web site print a Web page download information from a Web site customize Web.
The Internet & Web Browsers Business Webpage Design Kelly Seale.
How It Applies In A Virtual World
Google Chrome Your Customized Google Buddy April 2012 John Riley and Denise Tate-Kuhler.
PowerPoint Presentation to Accompany GO! with Internet Explorer 9 Getting Started Chapter 3 Exploring the World Wide Web with Internet Explorer 9.
With Internet Explorer 9 Getting Started© 2013 Pearson Education, Inc. Publishing as Prentice Hall1 Exploring the World Wide Web with Internet Explorer.
Computer Concepts 2014 Chapter 7 The Web and .
Social Media. Behavioral Marketing General themes. Cookies. Geolocation. Homework: check out cookies on your computer. Experiment with geolocation.
Adapted from Computer Concepts, New Perspectives, Thompson Course Technology EDW 647: The Internet Dr. Roger Webster & Dr. Nazli Mollah 24 Cookies: What.
JavaScript, Fourth Edition
Chapter 3 (HW02) Exploring the World Wide Web with Internet Explorer 9.
Day 2. The norms of appropriate, responsible behavior with regard to technology use Communic ation Commerce Literacy Access Etiquette Law Rights & Responsibi.
DISCLAIMER: This help document will require you to make changes to your computer’s internet settings. Any changes you make are done at your own risk! If.
Chapter 8 Cookies And Security JavaScript, Third Edition.
XP New Perspectives on The Internet, Sixth Edition— Comprehensive Tutorial 1 1 Browser Basics Introduction to the Web and Web Browser Software Tutorial.
Web Engineering we define Web Engineering as follows: 1) Web Engineering is the application of systematic and proven approaches (concepts, methods, techniques,
Chapter 2 The Internet. Evolution of the Internet History of the internet.
The DoubleClick controversy and other related issues pertaining to privacy on the Internet.
NETWORK HARDWARE AND SOFTWARE MR ROSS UNIT 3 IT APPLICATIONS.
(and other interesting facts). My Computer is Slow Internet Active Directory Video Issues.
Restoring Privacy, Cleaning Your Computer's Cookies and Beacons.
ONLINE SAFETY AND SECURITY Computer Basics 1.5. INFAMOUS CYBER ATTACKS IN 2014 Sony Pictures: Attackers stole just about everything in the corporate network,
By: Jasmin Smith  ability to control what information one reveals about one’s self over the Internet.
The Internet & Web Browsers Business Webpage Design Created by Kelly Seale Adapted by Jill Einerson.
Top Ten Ways to Protect Privacy Online -Abdul M. Look for privacy policies on Web Sites  Web sites can collect a lot of information about your visit.
Windows Vista Configuration MCTS : Internet Explorer 7.0.
Some from Chapter 11.9 – “Web” 4 th edition and SY306 Web and Databases for Cyber Operations Cookies and.
Internet Basics 10/23/2012. What is the Internet? It’s a world-wide network of computer networks. It grows hourly and involves national governments, communities,
How to fix Netflix Signing In Issues? For More Details Visit Our Website
Facebook privacy policy
Managing Windows Security
Chapter 10: Web Basics.
Unit 11 Using the Internet & Browsing the Web
Unit 12 Using the Internet & Browsing the Web
MICROSOFT OUTLOOK and Outlook service Provider
Internet and security.
Latest Updates on BlackHawk Mines Music : Privacy Policy
Internet Basics.
What is Cookie? Cookie is small information stored in text file on user’s hard drive by web server. This information is later used by web browser to retrieve.
Skills Development Program
Privacy Issues part 4 Information/data privacy
Windows Vista Inside Out
Browsing in Private Mode
Presentation transcript:

1 SANS Technology Institute - Candidate for Master of Science Degree 1 Assessing Privacy Risks of Flash Cookies Kevin Fuller and Stacy Jordan February 2011 Joint Written Project

SANS Technology Institute - Candidate for Master of Science Degree 2 Objective Provide an overview of http and flash cookies Describe the problem with storing flash cookies Provide tools that will detect, manage and analyze flash cookies

SANS Technology Institute - Candidate for Master of Science Degree 3 What are Cookies? Cookies! Cookies everywhere! What are cookies? Text file of information Tells website you are you (HTTP cookie) Keeps you logged into your website Your Internet ID card

SANS Technology Institute - Candidate for Master of Science Degree 4 So Whats The Problem? Cookies can store a lot of information –Name, address phone number –Websites visited, Webpages viewed –Account logon IDs, passwords –On and On and….. All happening without the users knowledge or permission

SANS Technology Institute - Candidate for Master of Science Degree 5 The Cookie Cold War Advertisers and e-tailers –Targeted advertising –Gather your info and sell it to customers Privacy and Internet Security Advocates –Features to block and delete cookies –Software to manage cookies –Laws and rules to aid Internet users

SANS Technology Institute - Candidate for Master of Science Degree 6 The Advertisers' Response? Flash Cookies!! They hold more information ( 100k+ vs 4k ) They can have no expiration date They cannot be handled by existing cookie management technologies Re-Spawning!! They can do more to control your computer Trojan-like behavior

Flash Cookie Super Cookie –Component of Adobe Flash Player Local Storage Object Three Types –Master Cookie –Settings Cookie –Content Cookie Stored in a different location SANS Technology Institute - Candidate for Master of Science Degree 7

How Much Information? Common Information Like: Name, UserID, websites accessed, general location and purchases More Personal Information Like: Home address, sexual preference, health conditions, financial information Settings Information Like: Allowing other domains access to cookie Allowing third party access to cookie Camera settings Audio and video settings SANS Technology Institute - Candidate for Master of Science Degree 8

Risk and Response Risk –Privacy –Trojan? –Malicious Response –Legal Pressure –New Rules –Industry Self Regulation? SANS Technology Institute - Candidate for Master of Science Degree 9

Private Browsing Mode Internet Explorer –In-Private Browsing Safari –Private browsing Google –Incognito Firefox –Private browsing –New Rules SANS Technology Institute - Candidate for Master of Science Degree 10

SANS Technology Institute - Candidate for Master of Science Degree 11 How to Find Flash Cookies The use of DIR command with command line switches can find flash cookies

Simple Detection and Deletion Flash Cookies Cleaner Flash Cookie Cleaner SANS Technology Institute - Candidate for Master of Science Degree 12

Managing Flash Cookies Adobe Flash Player Settings Manager SANS Technology Institute - Candidate for Master of Science Degree 13 Maxa Cookie Manager CCleaner

SANS Technology Institute - Candidate for Master of Science Degree 14 Analyze Flash Cookies Edit Plus: can convert flash cookie data into hexadecimal(HEX) format SOLCAT: Perl tool created by Kristinn Guidjonsson to parse flash cookie created in Action Message Format 0 (AMF0) Galleta: forensic tool created by Keith Jones that will recreate Internet History

SANS Technology Institute - Candidate for Master of Science Degree 15 Analysis of In-Private Browsing Session Tools used for analysis –CCleaner –NetAnalysis Results of Analysis –No flash cookies were saved –Other files were saved that could be used to trace Internet activity

SANS Technology Institute - Candidate for Master of Science Degree 16 Browser Plugins Mozilla Firefox –Better Privacy –Tracker Scan Google Chrome –Click and Clean

SANS Technology Institute - Candidate for Master of Science Degree 17 The (Near) Future NPAPI ClearSiteData –Integrated flash cookie deletion –Google and Firefox Adobe Flash Player Settings Manager –Integrate it into client Flash Player Internet Explorer 9 –Tracking Opt Out feature

SANS Technology Institute - Candidate for Master of Science Degree 18 Summary Cookies provide a treasure trove of information concerning Internet browsing habits As a result, companies that collect information need to protect the data Variety of tools are available to detect, manage and analyze flash cookies In the future, browsers will have new features to better protect from tracking

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.